J Examples of Risks Posed by Unprotected Information

The following cases in which commercial, national security, and other sensitive information was compromised illustrate the variety and seriousness of threats to personal assets and privacy, business interests, and public well-being, among others. No claim is made that cryptography alone could have prevented these violations, but in the instances cited, cryptography might have had some role in protecting information against misappropriation and misuse. As discussed in Chapters 1 and 2, cryptographic technologies are part of an overall strategy to reduce information vulnerability.

J.1 RISKS ADDRESSED BY CRYPTOGRAPHY FOR AUTHENTICATION

• A pair of reporters wrote a controversial book about the hacking activities of a particular group. They subsequently found that their telephone had been "call forwarded" without their permission to another location where callers were greeted with obscenities, and that their Internet mailboxes had been filled with junk e-mail.1 Cryptography for authentication might have reduced the likelihood that the hackers would be able to penetrate the telephone switch servicing the reporters' homes.

• Secret documents belonging to General Motors (GM) containing

1 Philip Elmer-Dewitt, "Terror on the Internet," Time, December 12, 1994, p. 73.

information about a new GM vehicle to be sold in Europe and a top-secret experimental car were seized at an apartment used by a former GM executive who had since joined Volkswagen.2 Cryptography for authentication that created an audit trail might have helped to identify the former executive sooner.

• Insiders at the First National Bank of Chicago transferred $70 million in bogus transactions out of client accounts. One transaction exceeded permissible limits, but the insiders managed to intercept the telephone request for manual authorization.3 Cryptography for authentication might have helped to deny access of the insiders to the telephone request for authorization.

• A Dutch bank employee made two bogus computer-based transfers to a Swiss account, for $8.4 million and $6.7 million, in 1987. Each transfer required the password of two different people for authorization; however, the employee knew someone else's password as well as his own.4 Cryptography for authentication might have hindered the ability of a single individual to pretend that he was the second employee.

• The First Interstate Bank of California received a bogus request to transfer $70 million over the automated clearinghouse network. The request came via computer tape, accompanied by phony authorization forms, and was detected and canceled only because it overdrew the debited account.5 Cryptography for authentication might have demonstrated that the authorization was invalid.

• Forty-five Los Angeles police officers were cited from 1989 to 1992 for using department computers to run background checks for personal reasons.6 Cryptography for authentication might have been part of an audit trail that would have reduced the likelihood of abusing the department's computer system.

J.2 RISKS ADDRESSED BY CRYPTOGRAPHY FOR CONFIDENTIALITY

• According to unclassified sources, a foreign intelligence service conducted signal intelligence (SIGINT) operations against a major U.S. airplane manufacturer, intercepting telemetry data transmitted from an airplane under development during a particular set of flight tests and a

video teleconference held among company engineers located at various sites.7 Encryption of the telemetry data and the video conference might have kept sensitive information away from the foreign intelligence service.

• A bounty of $80,000 was reportedly posted on the Internet in 1994 for a notebook computer belonging to any Fortune 100 executive.8 Encryption of the files on the laptop might have helped to keep sensitive information confidential).

• A Green Bay Packer football player was overheard calling a male escort service and making explicit requests.9 A 23-minute conversation allegedly between Princess Diana and a man who called her "my darling Squidge" was taped by a retired bank manager in Oxford and transcribed in The Sun.10 The transcript of that conversation has now been circulated widely. Encryption of these communications would have prevented the disclosure of the information in question.

• In one instance relayed to the committee, a large multinational manufacturer dispatched a salesperson to engage in negotiations with a foreign nation. A laptop computer that carried a great deal of sensitive information relevant to those negotiations was seized by the border authorities and returned to the salesperson three days later. As the negotiations proceeded, it became clear to the salesperson that his opposites had all of the information carried on his laptop. In another instance, a major multinational company with customer support offices in China experienced a break-in in which Chinese nationals apparently copied paper documents and unencrypted computer files. Encryption of the stored files might have reduced the likelihood that the data contained therein would have been compromised.

J.3 RISKS ADDRESSED BY CRYPTOGRAPHY FOR BOTH AUTHENTICATION AND CONFIDENTIALITY

In the following instances, both authentication and confidentiality might have had a useful role to play. Authentication could have been useful to keep intruders out of the computer systems in question, while confidentiality could have helped frustrate their attempt to view or obtain

plaintext of information stored on those systems. However, in any individual example, it is not known if cryptographic authentication or encryption was or was not a part of the computer systems or networks that were penetrated.

• A reporter for Newsweek who wrote an article on malicious hacking activities was subjected to an electronic bulletin board trial and pronounced guilty. Subsequently, someone accessed a TRW credit database to obtain and post the reporter's credit card numbers. As a result, $1,100 in merchandise was charged to him, and his home computer was crashed remotely via his unlisted telephone number.11

• An employee of Disney World gained illegal access to Disney computer systems in 1994, reading confidential data files on employees and deleting information from the systems.12

• A major multinational chemical manufacturer headquartered in the United States has deployed an on-line videotext system that contains considerable amounts of proprietary information about processes used by that company. This manufacturer has disconnected one of its plants, located in the Far East, from the videotext network because of evidence that the government of the nation in which the plant is located is both willing and able to tap into this network to obtain valuable information that could be passed on to the manufacturer's foreign competitors.

• The domestic security service of a major Western European nation found information belonging to a major multinational manufacturer headquartered in the United States in the private homes of individuals with no connection to the manufacturer. This information was found marked for sale to a competitor of the manufacturer in question and was apparently obtained through the computer hacking efforts of these individuals.

J.4 RISKS ADDRESED BY CRYPTOGRAPHY FOR DATA INTEGRITY

• A convicted forger serving a 33-year term was released from jail after a forged fax had been received ordering his release. A legitimate fax had been altered to bear his name.13 Cryptography to ensure data integrity might have helped to detect the forgery.

• A prison inmate gained access to the on-line prison information system and managed to alter his release date. The alteration was detected by a suspicious deputy comparing the on-line entry with manual records, after the inmate had bragged about how he was going to get out early.14 Cryptography to ensure data integrity might have helped to detect the alteration of the files.

For every opportunity presented by the information age, there is an opening to invade the privacy and threaten the security of the nation, U.S. businesses, and citizens in their private lives. The more information that is transmitted in computer-readable form, the more vulnerable we become to automated spying. It's been estimated that some 10 billion words of computer-readable data can be searched for as little as $1. Rival companies can glean proprietary secrets . . . anti-U.S. terrorists can research targets . . . network hackers can do anything from charging purchases on someone else's credit card to accessing military installations. With patience and persistence, numerous pieces of data can be assembled into a revealing mosaic. Cryptography's Role in Securing the Information Society addresses the urgent need for a strong national policy on cryptography that promotes and encourages the widespread use of this powerful tool for protecting of the information interests of individuals, businesses, and the nation as a whole, while respecting legitimate national needs of law enforcement and intelligence for national security and foreign policy purposes. This book presents a comprehensive examination of cryptography--the representation of messages in code--and its transformation from a national security tool to a key component of the global information superhighway. The committee enlarges the scope of policy options and offers specific conclusions and recommendations for decision makers. Cryptography's Role in Securing the Information Society explores how all of us are affected by information security issues: private companies and businesses; law enforcement and other agencies; people in their private lives. This volume takes a realistic look at what cryptography can and cannot do and how its development has been shaped by the forces of supply and demand. How can a business ensure that employees use encryption to protect proprietary data but not to conceal illegal actions? Is encryption of voice traffic a serious threat to legitimate law enforcement wiretaps? What is the systemic threat to the nation's information infrastructure? These and other thought-provoking questions are explored. Cryptography's Role in Securing the Information Society provides a detailed review of the Escrowed Encryption Standard (known informally as the Clipper chip proposal), a federal cryptography standard for telephony promulgated in 1994 that raised nationwide controversy over its "Big Brother" implications. The committee examines the strategy of export control over cryptography: although this tool has been used for years in support of national security, it is increasingly criticized by the vendors who are subject to federal export regulation. The book also examines other less well known but nevertheless critical issues in national cryptography policy such as digital telephony and the interplay between international and national issues. The themes of Cryptography's Role in Securing the Information Society are illustrated throughout with many examples -- some alarming and all instructive -- from the worlds of government and business as well as the international network of hackers. This book will be of critical importance to everyone concerned about electronic security: policymakers, regulators, attorneys, security officials, law enforcement agents, business leaders, information managers, program developers, privacy advocates, and Internet users.

Welcome to OpenBook!

You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.